[ES-313] fixes merged from develop to release branch (#1106)
* MOSIP-26891 added condition in caching (#1045)

Co-authored-by: Neha Farheen <[email protected]>

* Mosip 26891 caches in ida module should avoid caching null values (#1046)

* MOSIP-26891 added condition in caching

* modified the conditions

---------

Co-authored-by: Neha Farheen <[email protected]>

* Mosip 26891 caches in ida module should avoid caching null values (#1047)

* MOSIP-26891 added condition in caching

* modified the conditions

* condition changed

---------

Co-authored-by: Neha Farheen <[email protected]>

* Mosip 26891 caches in ida module should avoid caching null values (#1048)

* MOSIP-26891 added condition in caching

* modified the conditions

* condition changed

* condition changed

---------

Co-authored-by: Neha Farheen <[email protected]>

* Mosip 26891 caches in ida module should avoid caching null values (#1049)

* MOSIP-26891 added condition in caching

* modified the conditions

* condition changed

* condition changed

* condition changed

---------

Co-authored-by: Neha Farheen <[email protected]>

* [BUGFIX] [ES-176]

Handles the scenario when no claims are accepted from a set of optional claims
sub parameter is added to consented claim by default if it is empty

* iat validation corrected

* [MOSIP-28622] fixed firstname, lastname not populating in e-signet issue.

* [MOSIP-28484] Added error handling for deploy.sh script (#1061)

* [MOSIP-28484] Added error handling for deploy.sh script

* [MOSIP-28484] Updated error handling for deploy.sh script

* [MOSIP-28484] Removed exit command

---------

Co-authored-by: akilalakshmanan <[email protected]>

* Implemented the VCI plugin in IDA

* Format the code

* Changes done

* Changes done

* Changes done

* Decrypted the individualId

* [ES-186] Added new Vci Exchange API to add support for VCI.

* Added new repo for LD signature library. (#1075)

* updated push trigger to include settings.xml for sonar analysis and fixed start up error.

* removed show progress argument for wget command to display download progress.

* ES-107

* Fixed the cache read issue

* ES-187

* ES-187

* [ES-186] Fixed integration issues.

* ES-187

* [ES-186] changed the VC ID to UUID instead of PSUT and added locales.

* [MOSIP-29163] updated reusable workflows (#1088)

* merge from release-1.2.0.1 to develop (#1089)

* [MOSIP-21002] Updated kyc error response to have kycStatus and updated db scripts (#872)

* Update 1.2_ida-scripts_release.sql (#852)

* [MOSIP-21072] Fixed db scripts for upgrade (#865)

* [MOSIP-18655] reverted EnvUtil as RefreshScope

* [MOSIP-18655] Ignoring test cases temporarily

* [MOSIP-18655] Updated EnvUtil to implement env methods

* [MOSIP-18655] Ignoring test cases temporarily

* [MOSIP-18655] Ignoring test cases temporarily

* [MOSIP-18655] reverted EnvUtil as RefreshScope

* [MOSIP-18655] reverted EnvUtil as RefreshScope

* [MOSIP-18655] Updated EnvUtil to implement env methods

* [MOSIP-18655] reverted EnvUtil as RefreshScope

* [MOSIP-18655] Updated EnvUtil to implement env methods

* [MOSIP-18655] reverted EnvUtil as RefreshScope

* [MOSIP-18655] Updated EnvUtil to implement env methods

* [MOSIP-18655] reverted EnvUtil as RefreshScope

* [MOSIP-18655] Updated EnvUtil to implement env methods

* [MOSIP-21072] Fixed db scripts for upgrade

* [MOSIP-21002] Updated kyc error response to have kycStatus (#868)

* Revert "[MOSIP-21072] Fixed db scripts for upgrade (#865)" (#869)

This reverts commit bed76a2.

* [MOSIP-21002] Updated kyc error response to have kycStatus and updated db release scripts (#871)

* Revert "[MOSIP-21072] Fixed db scripts for upgrade (#865)"

This reverts commit bed76a2.

* [MOSIP-21072] reverted release script changes

* [MOSIP-21072] reverted release script changes

* Revert "[MOSIP-21072] reverted release script changes"

This reverts commit 4cbb989.

* [MOSIP-21072] updated db release scripts (#873)

* Revert "[MOSIP-21072] Fixed db scripts for upgrade (#865)"

This reverts commit bed76a2.

* [MOSIP-21072] reverted release script changes

* [MOSIP-21072] reverted release script changes

* Revert "[MOSIP-21072] reverted release script changes"

This reverts commit 4cbb989.

* [MOSIP-21072] updated db release scripts

* [MOSIP-21072] Updated exception handling for ekyc (#874)

* Revert "[MOSIP-21072] Fixed db scripts for upgrade (#865)"

This reverts commit bed76a2.

* [MOSIP-21072] reverted release script changes

* [MOSIP-21072] reverted release script changes

* Revert "[MOSIP-21072] reverted release script changes"

This reverts commit 4cbb989.

* [MOSIP-21072] updated db release scripts

* [MOSIP-21072] Fixed test case

* [MOSIP-20984] added support for bio type to be case insensitive (#875)

* Revert "[MOSIP-21072] Fixed db scripts for upgrade (#865)"

This reverts commit bed76a2.

* [MOSIP-21072] reverted release script changes

* [MOSIP-21072] reverted release script changes

* Revert "[MOSIP-21072] reverted release script changes"

This reverts commit 4cbb989.

* [MOSIP-21072] updated db release scripts

* [MOSIP-21072] Fixed test case

* [MOSIP-20984] added support for bio type to be case insensitive

Co-authored-by: Loganathan Sekar <[email protected]>

* [MOSIP-20020] Update release_changes.yml

* [ MOSIP-20021 ] updated release_changes.yml to update README.md badges

* [MOSIP-20028] added action for tagging

* Added pre-expire-days & access-allowed values in DB release script. (#897)

* release file name changes.

* MOSIP-23611- Added flag to enable missing credential retrigger. Disabled by default

* Added logger

* release file name changes.

* release file name changes.

* Test case fix

* Release Bot Pre-release changes

* Update README.md

* updated snapshot url in push_trigger.yaml

* Added auth context class in internal and otp service, renamed the db script files.

* Removed not null constraint to policy id and added kycexchange exception handler.

* [DSD-1944] updated keymanager version

* updated sonar token

* Release Bot Pre-release changes

* Update README.md

* Code from develop branch. (#1000)

* resolved merge conflicts.

* [MOSIP-20020] Update release_changes.yml

* [ MOSIP-20021 ] updated release_changes.yml to update README.md badges

* [MOSIP-20028] added action for tagging

* Added pre-expire-days & access-allowed values in DB release script. (#897)

* release file name changes.

* Added auth context class in internal and otp service, renamed the db script files.

* removed not null constraint for policy_id in misp license data.

* [DSD-1935]added new token to check sonar_token functionality

* [DSD-1935]Updated sonar token

* MOSIP-25606 Fixed OIDC Client create/update and corrected address claim attributes.

* Added audit entry for kyc exchange and updated idhash in audit entry instead of individual id.

* Fixed bugs MOSIP-25718, MOSIP-25717 add opencv jar file for image conversion performance.

* Fixed test case.

* MOSIP-25757: Created esignet-integration-impl

* Removed mock implementations

* Changed class name

* Changed package name

* Changed esignet dependency scope

* Added ignore on failed test cases

* Added new Identity key binding API in ida service.

* MOSIP-25855: Added getAllKycSigningCertificates

* Added default values

* Removed Authentication Header

* Added test classes

* Modified test cases

* MOSIP-25324

* Added tables in ddl.sql

* [MOSIP-25637] Updated postgres-init_trigger.yml workflow (#965)

* [MOSIP-25637] Updated postgres-init_trigger.yml workflow

* Update postgres-init_trigger.yml

* [MOSIP-25637] Updated postgres-init_trigger.yml workflow (#966)

* Changes in biomatcher Util for unknown data (#971)

Co-authored-by: Neha Farheen <[email protected]>

* Mosip 26307 change in ida to correct bio sub type value sent in the match request (#972)

* Changes in biomatcher Util for unknown data

* Bug fixed

---------

Co-authored-by: Neha Farheen <[email protected]>
Co-authored-by: Loganathan Sekar <[email protected]>

* MOSIP-26295: Auditor implementation

* MOSIP-25867

* fixed application start error.

* MOSIP-26484

* Fixed test case failures

* Fixed couple of bugs. Jira # MOSIP-26472, MOSIP-26028.

* Renamed TokenInfo to KeyBindedToken

* MOSIP-26484

* MOSIP-26484

* Added workaround for key binded auth.

* Fixed test case failure error.

* MOSIP-26484 (#985)

Co-authored-by: ase-101 <>

* Fixed audit caching issue

* Update AuthTransactionHelper.java

* Fixed auditing error

* Added Key Binded Token authentication functionality.

* ignoring the failed test case temporarily.

* Corrected the header names

* Corrected the header names

* MOSIP-25324

* MOSIP-25324

* MOSIP-25324

* MOSIP-25324

* Changed kycStatus to bindingAuthStatus

* Added debug statement.

* Fixed issue in comparing the time difference.

* DB changes added in release db scripts

* Updating certificate to all VIDs for same TokenId and changed logic in fetching the binded certificates.

---------

Co-authored-by: Keshav Mishra <[email protected]>
Co-authored-by: syed-salman-technoforte <[email protected]>
Co-authored-by: kameshsr <[email protected]>
Co-authored-by: Mahesh-Binayak <[email protected]>
Co-authored-by: M1044292 <[email protected]>
Co-authored-by: ase-101 <>
Co-authored-by: Mohan E <[email protected]>
Co-authored-by: Neha2365 <[email protected]>
Co-authored-by: Neha Farheen <[email protected]>
Co-authored-by: Loganathan Sekar <[email protected]>
Co-authored-by: Anusha Sunkada <[email protected]>
Co-authored-by: Himaja Dhanyamraju <[email protected]>

* updated snapshot url (#1001)

* Corrected the upgrade scripts name (#1002)

Co-authored-by: ase-101 <>

* Release changes (#1004)

* Release Bot Pre-release changes

* Update README.md

---------

Co-authored-by: ckm007 <[email protected]>

* [DSD-2478] (#1005)

* MOSIP-26742 hash logic compatibility release 1201 (#1007)

MOSIP-26742 
* Added support for legacy method of hashing
* Handled salt missing when newhash calculation
* Review comment fixes
* Updated conditions and added logging
---------
Co-authored-by: Loganathan Sekar <[email protected]>

* Mosip 26742 hash logic compatibility 1 (#1008)

* Added support for legacy method of hashing

* Test fixes

* Handled salt missing when newhash calculation

* Review comment fixes

* Updated conditions and added logging

* Fixed value annotation

---------

Co-authored-by: Loganathan Sekar <[email protected]>

* [MOSIP-23422] updated db_release scripts (#1022)

* [MOSIP-27964] updated upgrade sql's

* [MOSIP-27964] Update 1.1.5.5_to_1.2.0.1-B1_upgrade.sql (#1032)

Signed-off-by: Keshav Mishra <[email protected]>

* [MOSIP-27964]

* [MOSIP-27996] updated rollback sql

* [MOSIP-23218] Updated Pom.xml versions. (#1035)

* Updated versions to -SNAPSHOT

* Updated version to 1.2.0.1-SNAPSHOT

* Test fix

* [MOSIP-28175]Fixed publish to nexus failure

* Fix to salt caching issue

* Revert "Include new class from keymanager in imports."

This reverts commit 17a2375.

* Revert "Added functionality in kyc-exchange API to return response in encrypted form (JWE).MOSIP-25369"

This reverts commit ec22724.

* Removed sysadmin

* Corrected user

* MOSIP-28227 Moved ddl script into upgrade scripts, corrections to upgrade scripts

* Added placeholder scripts for upgrade

* Jira No. MOSIP-28227, removed the truncate privilege for 3 tables and drop key_policy_def_h table. (#1053)

* [MOSIP-28622] fixed firstname, lastname not populating in e-signet issue.

* Reverted dependencies snapshot versions (#1059)

Co-authored-by: Loganathan Sekar <[email protected]>

* Fix compilation issue after snapshot version revert. (#1060)

* Reverted dependencies snapshot versions

* Fixed compilation issue

---------

Co-authored-by: Loganathan Sekar <[email protected]>

* Release changes (#1063)

* Release Bot Pre-release changes

* Update README.md

Signed-off-by: Keshav Mishra <[email protected]>

---------

Signed-off-by: Keshav Mishra <[email protected]>
Co-authored-by: ckm007 <[email protected]>

* Release 1.2.0.1 b4 (#1064)

* Reverted dependencies snapshot versions (#1059)

Co-authored-by: Loganathan Sekar <[email protected]>

* Fix compilation issue after snapshot version revert. (#1060)

* Reverted dependencies snapshot versions

* Fixed compilation issue

---------

Co-authored-by: Loganathan Sekar <[email protected]>

* Release changes (#1063)

* Release Bot Pre-release changes

* Update README.md

Signed-off-by: Keshav Mishra <[email protected]>

---------

Signed-off-by: Keshav Mishra <[email protected]>
Co-authored-by: ckm007 <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update push_trigger.yml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

* Update pom.xml

Signed-off-by: Keshav Mishra <[email protected]>

---------

Signed-off-by: Keshav Mishra <[email protected]>
Co-authored-by: Loganathan Sekar <[email protected]>
Co-authored-by: Loganathan Sekar <[email protected]>
Co-authored-by: ckm007 <[email protected]>

* [MOSIP-29044] (#1067)

* Rename 1.2.0.1-B3_to_1.2.0.1_rollback.sql to 1.2.0.1-B3_to_1.2.0.1-B4_rollback.sql

Signed-off-by: Keshav Mishra <[email protected]>

* Rename 1.2.0.1-B3_to_1.2.0.1_upgrade.sql to 1.2.0.1-B3_to_1.2.0.1-B4_upgrade.sql

Signed-off-by: Keshav Mishra <[email protected]>

* Create 1.2.0.1-B4_to_1.2.0.1_rollback.sql

Signed-off-by: Keshav Mishra <[email protected]>

* Create Create 1.2.0.1-B4_to_1.2.0.1_upgrade.sql

Signed-off-by: Keshav Mishra <[email protected]>

* Rename Create 1.2.0.1-B4_to_1.2.0.1_upgrade.sql to 1.2.0.1-B4_to_1.2.0.1_upgrade.sql

Signed-off-by: Keshav Mishra <[email protected]>

---------

Signed-off-by: Keshav Mishra <[email protected]>

* [MOSIP-28484] Added error handling for deploy.sh script (#1065)

Co-authored-by: akilalakshmanan <[email protected]>

* Update push_trigger.yml

Signed-off-by: Keshav Mishra <[email protected]>

* WIP-Changes to allow available otp channel

* PSA-171 fix for allowing one of the available channels when both channels specified.

* Updated the pom versions

* Fix to have case insensitive check for channel attribute

---------

Signed-off-by: Keshav Mishra <[email protected]>
Co-authored-by: Manoj SP <[email protected]>
Co-authored-by: Loganathan Sekar <[email protected]>
Co-authored-by: Keshav Mishra <[email protected]>
Co-authored-by: syed-salman-technoforte <[email protected]>
Co-authored-by: syed-salman-technoforte <[email protected]>
Co-authored-by: kameshsr <[email protected]>
Co-authored-by: Loganathan Sekar <[email protected]>
Co-authored-by: pramod444 <[email protected]>
Co-authored-by: syed salman <[email protected]>
Co-authored-by: ckm007 <[email protected]>
Co-authored-by: Mahesh-Binayak <[email protected]>
Co-authored-by: M1044292 <[email protected]>
Co-authored-by: Mohan E <[email protected]>
Co-authored-by: Neha2365 <[email protected]>
Co-authored-by: Neha Farheen <[email protected]>
Co-authored-by: Anusha Sunkada <[email protected]>
Co-authored-by: Himaja Dhanyamraju <[email protected]>
Co-authored-by: Loganathan Sekar <[email protected]>
Co-authored-by: Vishwa <[email protected]>
Co-authored-by: Rakshitha650 <[email protected]>
Co-authored-by: Akila Lakshmanan <[email protected]>
Co-authored-by: akilalakshmanan <[email protected]>

* ES-187 (#1092)

Co-authored-by: ase-101 <>

* [ES-280], [ES-281] (#1094)

* Corrected dependency versions.

* Fixed NotReadablePropertyException error and added VID or UIN in VC.

* Fixed test cases error. (#1095)

* Fixed Test cases error. (#1096)

* Fixed test case error. (#1097)

* Fixed Test cases error. (#1098)

* Fixed test case error.

* Fixed test cases error.

* [ES-261] test cases for idaVCIssuancePluginImpl (#1093)

* added test cases for idaVCIssuancePluginImpl

* test cases added for idaVCIssuancePluginImpl

* added test cases for idaVCIssuancePluginImpl

* added langCode converter in idaVCIssuancePluginImpl

* [ES-261] changes in testCases for IdaVCIssuancePluginImpl (#1100)

* added test cases for idaVCIssuancePluginImpl

* test cases added for idaVCIssuancePluginImpl

* added test cases for idaVCIssuancePluginImpl

* added langCode converter in idaVCIssuancePluginImpl

* fix the build failed

* [MOSIP-29163] updated reusable workflows (#1103)

* [MOSIP-29163] updated secret in reusable workflows

* Revert "[MOSIP-29163] updated secret in reusable workflows"

This reverts commit 6d55aaf.

* [MOSIP-29163] updated secret in reusable workflows

* [MOSIP-29163] removed tag.origin

* [ES-313] Fixed blank attribute issue & language not available issue. (#1105)

* Resolved Merge issues.

---------

Signed-off-by: Keshav Mishra <[email protected]>
Co-authored-by: Neha2365 <[email protected]>
Co-authored-by: Neha Farheen <[email protected]>
Co-authored-by: Hitesh Jain <[email protected]>
Co-authored-by: Vishwa <[email protected]>
Co-authored-by: anshulv1401 <[email protected]>
Co-authored-by: Akila Lakshmanan <[email protected]>
Co-authored-by: akilalakshmanan <[email protected]>
Co-authored-by: ase-101 <>
Co-authored-by: bhumi46 <[email protected]>
Co-authored-by: Manoj SP <[email protected]>
Co-authored-by: Loganathan Sekar <[email protected]>
Co-authored-by: Keshav Mishra <[email protected]>
Co-authored-by: syed-salman-technoforte <[email protected]>
Co-authored-by: syed-salman-technoforte <[email protected]>
Co-authored-by: kameshsr <[email protected]>
Co-authored-by: Loganathan Sekar <[email protected]>
Co-authored-by: pramod444 <[email protected]>
Co-authored-by: syed salman <[email protected]>
Co-authored-by: ckm007 <[email protected]>
Co-authored-by: Mahesh-Binayak <[email protected]>
Co-authored-by: M1044292 <[email protected]>
Co-authored-by: Mohan E <[email protected]>
Co-authored-by: Anusha Sunkada <[email protected]>
Co-authored-by: Himaja Dhanyamraju <[email protected]>
Co-authored-by: Loganathan Sekar <[email protected]>
Co-authored-by: Rakshitha650 <[email protected]>
Co-authored-by: kaifk468 <[email protected]>
27 people authored Oct 3, 2023
1 parent d706589 commit 1f50301
Showing 8 changed files with 426 additions and 90 deletions.
Original file line number Diff line number Diff line change
@@ -1,26 +1,17 @@
package io.mosip.authentication.common.service.helper;

import java.time.LocalDateTime;
import java.util.Collection;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

import io.mosip.authentication.common.service.entity.KycTokenData;
import io.mosip.authentication.common.service.entity.OIDCClientData;
import io.mosip.authentication.common.service.repository.KycTokenDataRepository;
import io.mosip.authentication.common.service.repository.OIDCClientDataRepository;
import io.mosip.authentication.common.service.util.EnvUtil;
import io.mosip.authentication.common.service.util.IdaRequestResponsConsumerUtil;
import io.mosip.authentication.core.constant.IdAuthCommonConstants;
import io.mosip.authentication.core.constant.IdAuthenticationErrorConstants;
import io.mosip.authentication.core.constant.KycTokenStatusType;
import io.mosip.authentication.core.exception.IdAuthenticationBusinessException;
import io.mosip.authentication.core.indauth.dto.BaseRequestDTO;
import io.mosip.authentication.core.logger.IdaLogger;
import io.mosip.authentication.core.spi.indauth.service.KycService;
import io.mosip.kernel.core.logger.spi.Logger;
Expand All @@ -31,29 +22,19 @@
* @author Mahammed Taheer
*/

@Component
public class TokenValidationHelper {

/** The mosip logger. */
private static Logger mosipLogger = IdaLogger.getLogger(TokenValidationHelper.class);

@Value("${ida.idp.consented.individual_id.attribute.name:individual_id}")
private String consentedIndividualIdAttributeName;


/** The Kyc Service */
@Autowired
private KycService kycService;

@Autowired
private KycTokenDataRepository kycTokenDataRepo;

@Autowired
private IdInfoHelper idInfoHelper;

@Autowired
private OIDCClientDataRepository oidcClientDataRepo;


public KycTokenData findAndValidateIssuedToken(String tokenData, String oidcClientId, String reqTransactionId,
String idvidHash) throws IdAuthenticationBusinessException {

Expand Down Expand Up @@ -131,49 +112,4 @@ private void validateToken(KycTokenData kycTokenData, String oidcClientId, Strin
IdAuthenticationErrorConstants.KYC_TOKEN_EXPIRED.getErrorMessage());
}
}

public void mapConsentedAttributesToIdSchemaAttributes(List<String> consentAttributes, Set<String> filterAttributes,
List<String> policyAllowedKycAttribs) throws IdAuthenticationBusinessException {

if(consentAttributes != null && !consentAttributes.isEmpty()) {
for (String attrib : consentAttributes) {
Collection<? extends String> idSchemaAttribute = idInfoHelper.getIdentityAttributesForIdName(attrib);
filterAttributes.addAll(idSchemaAttribute);
}
// removing individual id from consent if the claim is not allowed in policy.
if (!policyAllowedKycAttribs.contains(consentedIndividualIdAttributeName)) {
consentAttributes.remove(consentedIndividualIdAttributeName);
}
}
}

public Set<String> filterByPolicyAllowedAttributes(Set<String> filterAttributes, List<String> policyAllowedKycAttribs) {
return policyAllowedKycAttribs.stream()
.filter(attribute -> filterAttributes.contains(attribute))
.collect(Collectors.toSet());
}

public String getKycExchangeResponseTime(BaseRequestDTO authRequestDTO) {
String dateTimePattern = EnvUtil.getDateTimePattern();
return IdaRequestResponsConsumerUtil.getResponseTime(authRequestDTO.getRequestTime(), dateTimePattern);
}

public List<String> filterAllowedUserClaims(String oidcClientId, List<String> consentAttributes) {
mosipLogger.info(IdAuthCommonConstants.IDA, this.getClass().getSimpleName(), "filterAllowedUserClaims",
"Checking for OIDC client allowed userclaims");
Optional<OIDCClientData> oidcClientData = oidcClientDataRepo.findByClientId(oidcClientId);

List<String> oidcClientAllowedUserClaims = List.of(oidcClientData.get().getUserClaims())
.stream()
.map(String::toLowerCase)
.collect(Collectors.toList());
if (consentAttributes.isEmpty()) {
return oidcClientAllowedUserClaims;
}

return consentAttributes.stream()
.filter(claim -> oidcClientAllowedUserClaims.contains(claim.toLowerCase()))
.collect(Collectors.toList());

}
}
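Review bot: In the `filterAllowedUserClaims` body removed here, `oidcClientData.get()` is called on the Optional returned by `findByClientId(oidcClientId)` with no presence check, so an unknown client id ends in a NoSuchElementException instead of an `IdAuthenticationBusinessException`. If the method is being relocated as-is, the move is a good point to add the check and a test for the unknown-client case. `mapConsentedAttributesToIdSchemaAttributes` also removes `consentedIndividualIdAttributeName` from the caller's `consentAttributes` list in place; that side effect deserves a line of Javadoc at the new location, since callers reuse the list afterwards.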
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
*/
package io.mosip.authentication.service.kyc.facade;

import java.time.LocalDateTime;
import java.util.AbstractMap.SimpleEntry;
import java.util.Collection;
import java.util.HashSet;
Expand All @@ -26,11 +27,13 @@
import io.mosip.authentication.common.service.builder.AuthTransactionBuilder;
import io.mosip.authentication.common.service.entity.AutnTxn;
import io.mosip.authentication.common.service.entity.KycTokenData;
import io.mosip.authentication.common.service.entity.OIDCClientData;
import io.mosip.authentication.common.service.helper.AuditHelper;
import io.mosip.authentication.common.service.helper.TokenValidationHelper;
import io.mosip.authentication.common.service.integration.TokenIdManager;
import io.mosip.authentication.common.service.repository.IdaUinHashSaltRepo;
import io.mosip.authentication.common.service.repository.KycTokenDataRepository;
import io.mosip.authentication.common.service.repository.OIDCClientDataRepository;
import io.mosip.authentication.common.service.transaction.manager.IdAuthSecurityManager;
import io.mosip.authentication.common.service.util.EnvUtil;
import io.mosip.authentication.common.service.util.IdaRequestResponsConsumerUtil;
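Review bot: The imports added to KycFacadeImpl for `OIDCClientData` and `OIDCClientDataRepository` (and `java.time.LocalDateTime` in the hunk above) are not referenced by any of the changed lines shown for this file; only `ExchangeDataAttributesUtil` is actually used. Please confirm they are needed, and drop them if they are leftovers from the merge, so the facade does not appear to depend on the OIDC client repository directly.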
Expand Down Expand Up @@ -70,6 +73,7 @@
import io.mosip.authentication.core.spi.indauth.match.IdInfoFetcher;
import io.mosip.authentication.core.spi.indauth.service.KycService;
import io.mosip.authentication.core.spi.partner.service.PartnerService;
import io.mosip.authentication.service.kyc.util.ExchangeDataAttributesUtil;
import io.mosip.kernel.core.logger.spi.Logger;
import reactor.util.function.Tuple3;

Expand Down Expand Up @@ -133,6 +137,9 @@ public class KycFacadeImpl implements KycFacade {
@Autowired
private TokenValidationHelper tokenValidationHelper;

@Autowired
private ExchangeDataAttributesUtil exchangeDataAttributesUtil;

/*
* (non-Javadoc)
*
Expand Down Expand Up @@ -399,15 +406,15 @@ public KycExchangeResponseDTO processKycExchange(KycExchangeRequestDTO kycExchan
}

List<String> consentAttributes = kycExchangeRequestDTO.getConsentObtained();
List<String> allowedConsentAttributes = tokenValidationHelper.filterAllowedUserClaims(oidcClientId, consentAttributes);
List<String> allowedConsentAttributes = exchangeDataAttributesUtil.filterAllowedUserClaims(oidcClientId, consentAttributes);

PolicyDTO policyDto = policyDtoOpt.get();
List<String> policyAllowedKycAttribs = Optional.ofNullable(policyDto.getAllowedKycAttributes()).stream()
.flatMap(Collection::stream).map(KYCAttributes::getAttributeName).collect(Collectors.toList());

Set<String> filterAttributes = new HashSet<>();
tokenValidationHelper.mapConsentedAttributesToIdSchemaAttributes(allowedConsentAttributes, filterAttributes, policyAllowedKycAttribs);
Set<String> policyAllowedAttributes = tokenValidationHelper.filterByPolicyAllowedAttributes(filterAttributes, policyAllowedKycAttribs);
exchangeDataAttributesUtil.mapConsentedAttributesToIdSchemaAttributes(allowedConsentAttributes, filterAttributes, policyAllowedKycAttribs);
Set<String> policyAllowedAttributes = exchangeDataAttributesUtil.filterByPolicyAllowedAttributes(filterAttributes, policyAllowedKycAttribs);

boolean isBioRequired = false;
if (filterAttributes.contains(CbeffDocType.FACE.getType().value().toLowerCase()) ||
Expand Down Expand Up @@ -438,7 +445,7 @@ public KycExchangeResponseDTO processKycExchange(KycExchangeRequestDTO kycExchan
kycExchangeResponseDTO.setId(kycExchangeRequestDTO.getId());
kycExchangeResponseDTO.setTransactionID(kycExchangeRequestDTO.getTransactionID());
kycExchangeResponseDTO.setVersion(kycExchangeRequestDTO.getVersion());
kycExchangeResponseDTO.setResponseTime(tokenValidationHelper.getKycExchangeResponseTime(kycExchangeRequestDTO));
kycExchangeResponseDTO.setResponseTime(exchangeDataAttributesUtil.getKycExchangeResponseTime(kycExchangeRequestDTO));

EncryptedKycRespDTO encryptedKycRespDTO = new EncryptedKycRespDTO();
encryptedKycRespDTO.setEncryptedKyc(respJson);
Expand All @@ -455,7 +462,6 @@ public KycExchangeResponseDTO processKycExchange(KycExchangeRequestDTO kycExchan
}
}


// Need to move below duplicate code to common to be used by OTPService and KycExchange.
private void saveToTxnTable(KycExchangeRequestDTO kycExchangeRequestDTO, boolean isInternal, boolean status, String partnerId, String token,
KycExchangeResponseDTO kycExchangeResponseDTO, ObjectWithMetadata requestWithMetadata)
Original file line number Diff line number Diff line change
@@ -1,6 +1,3 @@
/**
*
*/
package io.mosip.authentication.service.kyc.facade;

import java.util.ArrayList;
Expand Down Expand Up @@ -52,6 +49,7 @@
import io.mosip.authentication.core.spi.indauth.match.IdInfoFetcher;
import io.mosip.authentication.core.spi.partner.service.PartnerService;
import io.mosip.authentication.service.kyc.impl.VciServiceImpl;
import io.mosip.authentication.service.kyc.util.ExchangeDataAttributesUtil;
import io.mosip.kernel.core.logger.spi.Logger;

/**
Expand Down Expand Up @@ -104,6 +102,9 @@ public class VciFacadeImpl implements VciFacade {
@Autowired
private KycTokenDataRepository kycTokenDataRepo;

@Autowired
private ExchangeDataAttributesUtil exchangeDataAttributesUtil;

@Override
public VciExchangeResponseDTO processVciExchange(VciExchangeRequestDTO vciExchangeRequestDTO, String partnerId,
String oidcClientId, Map<String, Object> metadata, ObjectWithMetadata requestWithMetadata) throws IdAuthenticationBusinessException {
Expand Down Expand Up @@ -133,15 +134,15 @@ public VciExchangeResponseDTO processVciExchange(VciExchangeRequestDTO vciExchan

// Will implement later the consent claims based on credential definition input
List<String> consentAttributes = Collections.emptyList();
List<String> allowedConsentAttributes = tokenValidationHelper.filterAllowedUserClaims(oidcClientId, consentAttributes);
List<String> allowedConsentAttributes = exchangeDataAttributesUtil.filterAllowedUserClaims(oidcClientId, consentAttributes);

PolicyDTO policyDto = policyDtoOpt.get();
List<String> policyAllowedKycAttribs = Optional.ofNullable(policyDto.getAllowedKycAttributes()).stream()
.flatMap(Collection::stream).map(KYCAttributes::getAttributeName).collect(Collectors.toList());

Set<String> filterAttributes = new HashSet<>();
tokenValidationHelper.mapConsentedAttributesToIdSchemaAttributes(allowedConsentAttributes, filterAttributes, policyAllowedKycAttribs);
Set<String> policyAllowedAttributes = tokenValidationHelper.filterByPolicyAllowedAttributes(filterAttributes, policyAllowedKycAttribs);
exchangeDataAttributesUtil.mapConsentedAttributesToIdSchemaAttributes(allowedConsentAttributes, filterAttributes, policyAllowedKycAttribs);
Set<String> policyAllowedAttributes = exchangeDataAttributesUtil.filterByPolicyAllowedAttributes(filterAttributes, policyAllowedKycAttribs);

boolean isBioRequired = false;
if (filterAttributes.contains(CbeffDocType.FACE.getType().value().toLowerCase()) ||
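Review bot: In `processVciExchange`, `consentAttributes` is hard-coded to `Collections.emptyList()` and passed to `filterAllowedUserClaims`; in the version of that method removed from TokenValidationHelper, an empty list returns every user claim the OIDC client is allowed. If the relocated method behaves the same way, VCI exchange releases the client's full claim set, limited only by the policy filter, until the "Will implement later" comment is addressed. Please reference the tracking ticket in that comment and add a test that pins down which attributes reach the credential for an empty consent list.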
Expand Down Expand Up @@ -178,7 +179,7 @@ public VciExchangeResponseDTO processVciExchange(VciExchangeRequestDTO vciExchan
vciExchangeResponseDTO.setId(vciExchangeRequestDTO.getId());
vciExchangeResponseDTO.setTransactionID(vciExchangeRequestDTO.getTransactionID());
vciExchangeResponseDTO.setVersion(vciExchangeRequestDTO.getVersion());
vciExchangeResponseDTO.setResponseTime(tokenValidationHelper.getKycExchangeResponseTime(vciExchangeRequestDTO));
vciExchangeResponseDTO.setResponseTime(exchangeDataAttributesUtil.getKycExchangeResponseTime(vciExchangeRequestDTO));
vciExchangeResponseDTO.setResponse(vcResponseDTO);
saveToTxnTable(vciExchangeRequestDTO, false, true, partnerId, token, vciExchangeResponseDTO, requestWithMetadata);
auditHelper.audit(AuditModules.VCI_EXCHANGE, AuditEvents.VCI_EXCHANGE_REQUEST_RESPONSE,
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
import java.nio.ByteBuffer;
import java.time.LocalDateTime;
import java.time.temporal.ChronoUnit;
import java.time.temporal.ValueRange;
import java.util.AbstractMap.SimpleEntry;
import java.util.ArrayList;
import java.util.HashMap;
Expand Down Expand Up @@ -441,9 +442,11 @@ public boolean isKycTokenExpire(LocalDateTime tokenIssuedDateTime, String kycTok
LocalDateTime currentTime = LocalDateTime.now();

long diffSeconds = ChronoUnit.SECONDS.between(tokenIssuedDateTime, currentTime);

long adjustmentSeconds = EnvUtil.getKycTokenExpireTimeAdjustmentSeconds();
ValueRange valueRange = ValueRange.of(0, adjustmentSeconds);

if (tokenIssuedDateTime != null && adjustmentSeconds < diffSeconds) {
if (tokenIssuedDateTime != null && !valueRange.isValidIntValue(diffSeconds)) {
return true;
}
return false;
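Review bot: in isKycTokenExpire the tokenIssuedDateTime != null test comes after ChronoUnit.SECONDS.between(tokenIssuedDateTime, currentTime) has already dereferenced the value, so a null issue time throws before the check is reached. Move the null check to the top and decide explicitly what null means (treating it as expired is the safe default). Also, diffSeconds is a long, so isValidValue fits better than isValidIntValue, which returns false for every input once adjustmentSeconds exceeds the int range. ValueRange.of(0, adjustmentSeconds) throws IllegalArgumentException if the configured adjustment is negative. Finally, a negative diffSeconds (issue time in the future) is now treated as expired; a comment saying that this is intended would help.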
@@ -399,15 +399,21 @@ private Map<String, Object> getCredSubjectMap(String credSubjectId, Map<String,
continue;
if (idInfoList.size() == 1) {
IdentityInfoDTO identityInfo = idInfoList.get(0);
if (Objects.isNull(identityInfo.getLanguage()))
credSubjectMap.put(idSchemaAttribute, idInfoList.get(0).getValue());
if (Objects.isNull(identityInfo.getLanguage())) {
String value = identityInfo.getValue();
if (Objects.nonNull(value) && (value.trim().length() > 0))
credSubjectMap.put(idSchemaAttribute, value);
}
else {
Map<String, String> valueMap = new HashMap<>();
String lang = identityInfo.getLanguage();
if (locales.contains(lang)) {
valueMap.put(IdAuthCommonConstants.LANGUAGE_STRING, lang);
valueMap.put(IdAuthCommonConstants.VALUE_STRING, identityInfo.getValue());
credSubjectMap.put(idSchemaAttribute, valueMap);
String value = identityInfo.getValue();
if (Objects.nonNull(value) && (value.trim().length() > 0)) {
valueMap.put(IdAuthCommonConstants.LANGUAGE_STRING, lang);
valueMap.put(IdAuthCommonConstants.VALUE_STRING, value);
credSubjectMap.put(idSchemaAttribute, valueMap);
}
}
}
continue;
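Review bot: the non-blank test Objects.nonNull(value) && (value.trim().length() > 0) is written out twice in this hunk and again in the next one. Pull it into a small private helper so the three branches cannot drift apart, and create valueMap only after the locale and value checks pass rather than before them.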
@@ -417,12 +423,16 @@ private Map<String, Object> getCredSubjectMap(String credSubjectId, Map<String,
Map<String, String> valueMap = new HashMap<>();
String lang = identityInfo.getLanguage();
if (locales.contains(lang)) {
valueMap.put(IdAuthCommonConstants.LANGUAGE_STRING, identityInfo.getLanguage());
valueMap.put(IdAuthCommonConstants.VALUE_STRING, identityInfo.getValue());
valueList.add(valueMap);
String value = identityInfo.getValue();
if (Objects.nonNull(value) && (value.trim().length() > 0)) {
valueMap.put(IdAuthCommonConstants.LANGUAGE_STRING, identityInfo.getLanguage());
valueMap.put(IdAuthCommonConstants.VALUE_STRING, identityInfo.getValue());
valueList.add(valueMap);
}
}
}
credSubjectMap.put(idSchemaAttribute, valueList);
if (valueList.size() > 0)
credSubjectMap.put(idSchemaAttribute, valueList);
}
}
return credSubjectMap;
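Review bot: inside the loop the new locals lang and value are used for the checks, but the put calls still read identityInfo.getLanguage() and identityInfo.getValue() again; use lang and value there, as the single-entry branch above does. The valueList.size() > 0 guard also means an attribute whose values are all blank is now left out of credSubjectMap entirely, which deserves a line in the method's Javadoc so consumers expect the missing key.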
@@ -0,0 +1,90 @@
package io.mosip.authentication.service.kyc.util;

import java.util.Collection;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

import io.mosip.authentication.common.service.entity.OIDCClientData;
import io.mosip.authentication.common.service.helper.IdInfoHelper;
import io.mosip.authentication.common.service.repository.OIDCClientDataRepository;
import io.mosip.authentication.common.service.util.EnvUtil;
import io.mosip.authentication.common.service.util.IdaRequestResponsConsumerUtil;
import io.mosip.authentication.core.constant.IdAuthCommonConstants;
import io.mosip.authentication.core.exception.IdAuthenticationBusinessException;
import io.mosip.authentication.core.indauth.dto.BaseRequestDTO;
import io.mosip.authentication.core.logger.IdaLogger;
import io.mosip.kernel.core.logger.spi.Logger;

/**
* Utility class to filter the consented attribute and policy allowed attributes.
*
* @author Mahammed Taheer
*/

@Component
public class ExchangeDataAttributesUtil {

/** The mosip logger. */
private static Logger mosipLogger = IdaLogger.getLogger(ExchangeDataAttributesUtil.class);

@Value("${ida.idp.consented.individual_id.attribute.name:individual_id}")
private String consentedIndividualIdAttributeName;

@Autowired
private IdInfoHelper idInfoHelper;

@Autowired
private OIDCClientDataRepository oidcClientDataRepo;

public void mapConsentedAttributesToIdSchemaAttributes(List<String> consentAttributes, Set<String> filterAttributes,
List<String> policyAllowedKycAttribs) throws IdAuthenticationBusinessException {

if(consentAttributes != null && !consentAttributes.isEmpty()) {
for (String attrib : consentAttributes) {
Collection<? extends String> idSchemaAttribute = idInfoHelper.getIdentityAttributesForIdName(attrib);
filterAttributes.addAll(idSchemaAttribute);
}
// removing individual id from consent if the claim is not allowed in policy.
if (!policyAllowedKycAttribs.contains(consentedIndividualIdAttributeName)) {
consentAttributes.remove(consentedIndividualIdAttributeName);
}
}
}

public Set<String> filterByPolicyAllowedAttributes(Set<String> filterAttributes, List<String> policyAllowedKycAttribs) {
return policyAllowedKycAttribs.stream()
.filter(attribute -> filterAttributes.contains(attribute))
.collect(Collectors.toSet());
}

public String getKycExchangeResponseTime(BaseRequestDTO authRequestDTO) {
String dateTimePattern = EnvUtil.getDateTimePattern();
return IdaRequestResponsConsumerUtil.getResponseTime(authRequestDTO.getRequestTime(), dateTimePattern);
}

public List<String> filterAllowedUserClaims(String oidcClientId, List<String> consentAttributes) {
mosipLogger.info(IdAuthCommonConstants.IDA, this.getClass().getSimpleName(), "filterAllowedUserClaims",
"Checking for OIDC client allowed userclaims");
Optional<OIDCClientData> oidcClientData = oidcClientDataRepo.findByClientId(oidcClientId);

List<String> oidcClientAllowedUserClaims = List.of(oidcClientData.get().getUserClaims())
.stream()
.map(String::toLowerCase)
.collect(Collectors.toList());
if (consentAttributes.isEmpty()) {
return oidcClientAllowedUserClaims;
}

return consentAttributes.stream()
.filter(claim -> oidcClientAllowedUserClaims.contains(claim.toLowerCase()))
.collect(Collectors.toList());

}

}
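Review bot: filterAllowedUserClaims calls oidcClientData.get() without checking the Optional, so an unknown oidcClientId surfaces as NoSuchElementException instead of a handled error. Use orElseThrow with IdAuthenticationBusinessException (already imported in this file) so the failure is reported as a client error. consentAttributes is also dereferenced with isEmpty() without the null check that mapConsentedAttributesToIdSchemaAttributes applies, and the public methods have no Javadoc saying that the latter mutates its arguments.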
0 comments on commit 1f50301